Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number

Re^2: Change a user's Kerberos Password?

by Anonymous Monk
on Nov 05, 2010 at 20:47 UTC ( #869753=note: print w/ replies, xml ) Need Help??

in reply to Re: Change a user's Kerberos Password?
in thread Change a user's Kerberos Password?

Looking at the change_LDAP_password function in locksmith (at least in trunk) I notice you are hashing and replacing the attribute directly. It is probably easier/cleaner/better? to test for and use the ldap exop for password changes:

$msg = $ldaph->set_password(user => $dn, newpasswd => $newpass, oldpasswd => $oldpass);

This will let stuff like the openLdap smpk5pwd and ppolicy modules take care of other password related stuff like syncing NT/LANMAN passwords (needed for MSCHAP/eap/peap for wifi via radius) and password policy enforcement on the server. It also handles the encryption on the server with whatever standard the admin has setup in it there.

Comment on Re^2: Change a user's Kerberos Password?
Replies are listed 'Best First'.
Re^3: Change a user's Kerberos Password?
by 5mi11er (Deacon) on Apr 22, 2013 at 14:37 UTC
    Probably an excellent suggestion, but I haven't had to use that system in a while, and no longer have access to those systems, so I have no way of easily testing whether that would work or not.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://869753]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (5)
As of 2016-05-27 00:06 GMT
Find Nodes?
    Voting Booth?